REMARKS 



Claims 1, 8, 9, 1 1, 27, 33, 34, 43, 51, 62 and 66 have been amended. Claims 7, 32 
and 48 have been canceled. Therefore, claims 1-6, 8-31, 33-47 and 49-72 remain 
pending in the application. Reconsideration is respectfully requested in light of the 
following remarks. 

Section 102(a) Rejection : 

The Office Action rejected claims 1-15, 17-22, 24-37, 41-55 and 57-72 under 35 
U.S.C. § 102(a) as being anticipated by Czerwinski, et al. "An Architecture for a Secure 
Service Discovery Service," (hereinafter "Czerwinski"). Applicants traverse this 
rejection for at least the following reasons. 

Regarding claim 1, Czerwinski fails to teach determining client capabilities for 
the client, wherein the client capabilities are capabilities of the first service that the client 
is permitted to use, and binding the client capabilities to the authentication credential . In 
contrast, Czerwinski teaches two separate mechanisms for authentication credentials and 
capabilities, respectively. Specifically, Czerwinski discloses a Certificate Authority 
responsible for providing authentication certificates and a separate Capability Manager 
that generates and distributes capabilities. Under Czerwinski 5 s system, a client contacts a 
Capability Manager to obtain a capability credential that is later used when sending a 
query to discover services. The SDS server is responsible for matching a client's query 
with service descriptions and uses the client's capabilities to ensure that only those 
services to which the client is granted access are returned to the client. Additionally, a 
client in Czerwinski 's system separately contacts the Certificate Authority to obtain an 
authentication credential (Czerwinski, sections 3.1, 3.4, and 3.1 paragraph 5). Nowhere 
does Czerwinski describe binding the capabilities obtained from the Capability Manager 
with the authentication credential obtained from the Certificate Authority. 
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Thus, the rejection of claim 1 is not supported by the prior art and its removal is 
respectfully requested. Similar remarks as discussed above in regard to claim 1 apply to 
claim 62. 

Regarding claim 3, contrary to the Examiner's assertion, Czerwinski does not 
teach wherein said advertisement for said first service includes a data representation 
language schema defining a message interface for accessing said first service. In 
contrast, Czerwinski discloses domain advertisements that contain "the multicast address 
to use for sending service announcements, the desired service announcement rate, and 
contact information for the Certificate Authority and the Capability Manager" 
(Czerwinski, section 3.1, paragraph 1). Additionally, Czerwinski's service descriptions 
contain service metadata, such as location, required capabilities, time-out period, and 
JAVA RMI addresses (Czerwinski, section 2.3, paragraph 3). Neither the domain 
advertisements nor the service descriptions of Czerwinski include a data representation 
language schema defining a message interface for accessing a service. The Examiner has 
cited a portion of Czerwinski that describes how a client submits a query in the form of 
an XML template (Czerwinski, section 3.1). However, a client query using an XML 
template as the content of a query is very different from a data representation language 
schema defining a message interface for accessing a service . The XML template in a 
client query in Czerwinski does not define a message interface for access a service. 
Instead client queries include desired services and are matched against service 
descriptions to find services providing those desired services (Czerwinski, section 2.3, 
paragraph 3 and section 3.1, paragraph 5). Further, Czerwinski teaches the use of 
Authenticated Remote Method Invocation (ARMI) for communication between client 
applications and SDS servers, and it is well known that ARMI uses Java interface classes, 
and not data representation language schemas, to define the methods that are exposed for 
remote calling. Thus, Czerwinski clearly fails to teach wherein the advertisement for the 
first service includes a data representation language schema defining a message interface 
for accessing the first service. 
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Thus, the rejection of claim 3 is not supported by the prior art and its removal is 
respectfully requested. Similar remarks as discussed above in regard to claim 3 apply to 
claims 14, 18, 29, 37, 44, 53, 59, 64 and 70. 

Regarding claim 17, contrary to the Examiner's assertion, Czerwinski fails to 
teach said client generating a message gate for accessing said first service, wherein said 
message gate embeds said authentication credential in every message from said client to 
said first service. The Examiner has cited sections 3.1, 3.3 and 3.4 of Czerwinski that 
describe the working of the SDS server, Certificate Authority, and Capability Manager of 
Czerwinski 's system. However, neither the Examiner's cited passage, nor any other 
portion of Czerwinski, discloses generating a message gate for access the first service, 
wherein the message gate embeds the authentication credential in every message from the 
client to the first service. In contrast, Czerwinski teaches the use of Authenticated 
Remote Method Invocation (ARMI) for communication between client applications and 
SDS servers. Czerwinski also teaches that ARMI uses certificates to authenticate each of 
the endpoints and states that such authentication consists of a short handshake to establish 
a symmetric key used for the rest of the session. (Czerwinski, section 3.5.3, paragraph 
2). After the certificate-based authentication at the start of an ARMI session, only the 
session encryption key is used to validate the remaining messages of the ARMI session. 
No certificate or credential is embedded with every message of an ARMI session. Thus, 
Czerwinski fails to teach embedding the authentication credential in every message from 
the client to the service. 

Thus, the rejection of claim 17 is not supported by the prior art and its removal is 
respectfully requested. Similar remarks as discussed above in regard to claim 17 apply to 
claims 58 and 69. 

Regarding claim 27, Czerwinski fails to teach a client device configured to 
determine client capabilities for the client, wherein the client capabilities are capabilities 
of the service device that said client is permitted to use, and further fails to teach a client 
device configured to bind the client capabilities to the authentication credential . Instead, 
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as discussed above, Czerwinski teaches two separate mechanisms for authentication 
credentials and capabilities. Specifically, Czerwinski discloses a Certificate Authority 
responsible for providing authentication certificates and a separate Capability Manager 
that generates and distributes capabilities. None of the clients described by Czerwinski 
are configured to determine capabilities for a client and bind those capabilities to an 
authentication credential. The Capability Manager then generates capability credentials 
that are supplied by clients when querying the SDS server to find services. The SDS 
server ensures that only those services that the client is allowed to discover, based on the 
client's capability credential, are returned to the client. (Czerwinski, sections 3.1, 3.4, 
and section 3.1, paragraph 5). Czerwinski does not mention anything about a client 
device configured to determine client capabilities for the client, wherein the client 
capabilities are capabilities of the service device that the client is permitted to use and 
further fails to mention a client device configured to bind the client capabilities to the 
authentication credential. 

For at least the reasons given above, the rejection of claim 27 is not supported by 
the prior art and its removal is respectfully requested. Similar remarks as discussed 
above in regard to claim 27 apply to claim 51. 

Regarding claim 43, Czerwinski fails to teach a service device configured to 
determine client capabilities for the client , wherein the client capabilities are capabilities 
of the service device that the client is permitted to use, and also fails to teach a service 
device configured to bind the client capabilities to the authentication credential . Instead, 
as described above, Czerwinski teaches two separate mechanisms for authentication 
credentials and capabilities. Specifically, Czerwinski discloses a Certificate Authority 
responsible for providing authentication certificates and a separate Capability Manager 
that generates and distributes capabilities. None of the services described by Czerwinski 
are configured to determine capabilities for a client and bind those capabilities to an 
authentication credential. Instead services in Czerwinski's system contact the Capability 
Manager and specify those principals, such as clients, that are allowed to discover and 
access that service. Thus, each of Czerwinski's services supplies an access control list 
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(ACL) to the Capability manager. The Capability Manager then generates and distributes 
capability credentials that are supplied by clients when querying an SDS server to find 
services. The SDS server ensures that only those services that the client is allowed to 
discover, based on the client's capabilities, are returned to the client. (Czerwinski, 
sections 3.1, 3.4, and section 3.1, paragraph 5). Czerwinski does not mention anything 
about a service device configured to determine client capabilities for the client, wherein 
the client capabilities are capabilities of the service device that the client is permitted to 
use, and further fails to mention a service device configured to bind the client capabilities 
to the authentication credential. 

Thus, the rejection of claim 43 is not supported by the prior art and its removal is 
respectfully requested. Similar remarks as discussed above in regard to claim 43 apply to 
claims 58 and 59. 

Section 103(a) Rejection : 

The Office Action rejected claims 16, 23, 38, 39 and 56 under 35 U.S.C. § 103(a) 
as being unpatentable over Czerwinski in view of Johnson et al. (U.S. Patent 5,560,008) 
(hereinafter "Johnson") and claim 40 under 35 U.S.C. § 103(a) as being unpatentable 
over Czerwinski in view of Applicant's Applied Prior Art. Applicants traverse these 
rejections for at least the reasons given above in regard to the respective independent 
claims. 

Applicants also assert that the rejections of numerous ones of the dependent 
claims are further unsupported by the cited art. However, since the rejections of each of 
the independent claims have been shown to be improper, a further discussion of the 
rejections of the dependent claims is not necessary at this time. 
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Information Disclosure Statements : 

In regard to the information disclosure statements filed July 31, 2001, August 13, 
2001 and September 17, 2001, the Examiner requested that the Applicants submit 
explanations as. to why the references are relevant to the current application in order for 
the information disclosure statements to be considered. The art cited in these information 
disclosure statements was cited in several related patent applications owned by the same 
assignee as the present application in the same general field of technology. The 
references were cited to fulfill Applicants duty of candor under 37 CFR 1.56. No specific 
study of each reference in regard to the present claims has been performed. Thus, 
Applicants cannot comment as to the relative relevance of the cited references. 
According to MPEP(III)(C)(2), "information contained in information statements which 
comply with both the content requirements of 37 CFR 1.98 and the requirements, based 
on the time of filing the statement, of 37 CFR 1.97 will be considered by the examiner." 
"Examiners must consider all citations in conformance with the rules and [MPEP 609]." 
Since the information disclosure statements are in conformance with 37 CFR 1.97 & 1.98 
and MPEP 609, Applicants respectfully request the Examiner to "consider the documents 
in the same manner as other documents in Office search files are considered by the 
examiner while conducting a search of the prior art in a proper field of search", as 
required by MPEP 609. 
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CONCLUSION 



Applicants submit the application is in condition for allowance, and notice to that 
effect is respectfully requested. 

If any extension of time (under 37 C.F.R. § 1.136) is necessary to prevent the 
above referenced application from becoming abandoned, Applicants hereby petition for 
such extension. If any fees are due, the Commissioner is authorized to charge said fees to 
Meyertons, Hood, Kivlin, Kowert, & Goetzel, P.C. Deposit Account No. 501505/5181- 
64800/RCK. 

Also enclosed herewith are the following items: 
1X1 Return Receipt Postcard 
I I Petition for Extension of Time 
I I Notice of Change of Address 

I I Fee Authorization Form authorizing a deposit account debit in the amount of $ 
for fees ( ). 
□ Other: 



Meyertons, Hood, Kivlin, Kowert, & Goetzel, P.C. 

P.O. Box 398 

Austin, TX 78767-0398 

Phone: (512) 853-8850 

Date: November 1 L 2004 
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Respectfully submitted, 




Robert C. Kowert 
Reg. No. 39,255 

ATTORNEY FOR APPLICANT(S) 



